Add files via upload

overleafmongo/compose.yaml

@@ -0,0 +1,33 @@
+# docker network create overleaf-network
+services:
+  overleafmongo:
+    image: "mongo:5.0"
+    container_name: overleafmongo
+    hostname: overleafmongo
+    restart: always
+    healthcheck:
+      test: "mongosh --quiet --eval 'rs.hello().setName ? rs.hello().setName : rs.initiate({_id: \"overleaf\",members:[{_id: 0, host:\"overleafmongo:27017\"}]})'"
+      interval: 10s
+      timeout: 10s
+      retries: 5
+    command: "--replSet overleaf"
+    expose:
+      - 27017
+    volumes:
+      - overleaf_mongo:/data/db
+      - overleaf_mongo_cdb:/data/configdb
+      - /var/run/docker.sock:/var/run/docker.sock
+    networks:
+      - overleaf-network
+    extra_hosts:
+      - "mongo:127.0.0.1"
+      - "overleafmongo:127.0.0.1"
+
+volumes:
+  overleaf_mongo:
+  overleaf_mongo_cdb:
+
+networks:
+  overleaf-network:
+    external: true
+

overleafnginx/compose.yaml

@@ -0,0 +1,22 @@
+services:
+  overleafnginx:
+    image: nginx:stable-alpine
+    container_name: overleafnginx
+    hostname: overleafnginx
+    restart: always
+    volumes:
+      - "/root/overleafnginx/key.pem:/certs/nginx_key.pem:ro"
+      - "/root/overleafnginx/ca.pem:/certs/nginx_certificate.pem:ro"
+      - "/root/overleafnginx/nginx.conf:/etc/nginx/nginx.conf:ro"
+    ports:
+      - "0.0.0.0:443:443"
+      - "0.0.0.0:80:80"
+    environment:
+      NGINX_WORKER_PROCESSES: "4"
+      NGINX_WORKER_CONNECTIONS: "768"
+    networks:
+      - overleaf-network
+
+networks:
+  overleaf-network:
+    external: true

overleafnginx/nginx.conf

@@ -0,0 +1,32 @@
+          events {}
+          http {
+            server {
+              listen 80 default_server;
+              server_name _;
+              return 301 https://$host$request_uri;
+            }
+            server {
+              listen 443 ssl;
+              ssl_certificate      /certs/nginx_certificate.pem;
+              ssl_certificate_key  /certs/nginx_key.pem;
+              ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;
+              ssl_prefer_server_ciphers   on;
+              ssl_ciphers                 EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
+              add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
+              server_tokens off;
+              client_max_body_size 50M;
+
+              location / {
+                proxy_pass http://overleafserver:80;
+                proxy_set_header X-Forwarded-Proto $scheme;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "upgrade";
+                proxy_set_header Host $host;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_read_timeout 3m;
+                proxy_send_timeout 3m;
+              }
+            }
+          }
+

overleafredis/compose.yaml

@@ -0,0 +1,28 @@
+# docker network create overleaf-network
+services:
+  overleafredis:
+    image: "redis:6.2-alpine"
+    container_name: overleafredis
+    hostname: overleafredis
+    restart: always
+    healthcheck:
+      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
+      start_period: 20s
+      interval: 30s
+      retries: 5
+      timeout: 3s
+    command: --save 60 1 --loglevel warning
+    volumes:
+      - overleaf_redis:/data
+      - /var/run/docker.sock:/var/run/docker.sock
+    expose:
+      - 6379
+    networks:
+      - overleaf-network
+
+volumes:
+  overleaf_redis:
+
+networks:
+  overleaf-network:
+    external: true

overleafserver/compose.yaml

@@ -0,0 +1,82 @@
+# docker network create overleaf-network
+# FIREWALL NOTES:
+# docker network ls | grep overleaf-network
+#
+# ufw allow in on br-ff9f46af3644
+# ufw route allow in on br-ff9f46af3644
+# ufw route allow out on br-ff9f46af3644
+#
+# ufw status numbered
+# ufw delete [NUMBER]
+# sed -i -e 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/g' /etc/default/ufw
+# ufw reload
+#
+# iptables -t nat -A POSTROUTING ! -o docker0 -s 172.18.0.0/16 -j MASQUERADE
+# iptables -t nat -A POSTROUTING ! -o br-ff9f46af3644 -s 172.18.0.0/16 -j MASQUERADE
+
+##############
+# TEX UPDATE #
+##############
+
+### For updating the tex, disable the other network setting and use:
+# And then we update the tex with:
+# docker exec -it overleafserver /bin/bash
+# cd /root
+# rm -rf install-tl-*
+# curl -L -o tl-unx.tar.gz https://mirror.ctan.org/systems/texlive/tlnet/install-tl-unx.tar.gz
+# tar -xzf tl-unx.tar.gz
+# cd install-tl-*
+# perl ./install-tl --no-interaction
+
+services:
+  overleafserver:
+    image: "sharelatex/sharelatex"
+    container_name: overleafserver
+    hostname: overleafserver
+    restart: always
+    volumes:
+      - overleaf_data:/var/lib/overleaf
+      - overleaf_tex2024:/usr/local/texlive/2024
+      - overleaf_tex2024:/usr/local/texlive/2023
+      - /var/run/docker.sock:/var/run/docker.sock
+
+    ports:
+      - 11001:80
+    environment:
+      GIT_BRIDGE_ENABLED: "false"
+      GIT_BRIDGE_HOST: "git-bridge"
+      GIT_BRIDGE_PORT: "8000"
+
+      REDIS_HOST: "overleafredis"
+      REDIS_PORT: "6379"
+      OVERLEAF_REDIS_HOST: "overleafredis"
+
+      V1_HISTORY_URL: "http://127.0.0.1:3100/api"
+      OVERLEAF_MONGO_URL: "mongodb://overleafmongo/sharelatex"
+      OVERLEAF_APP_NAME: "FB1 University of Bremen Overleaf"
+      ENABLED_LINKED_FILE_TYPES: "project_file,project_output_file"
+      ENABLE_CONVERSIONS: "true"
+      EMAIL_CONFIRMATION_DISABLED: "false"
+      OVERLEAF_BEHIND_PROXY: "true"
+      OVERLEAF_SECURE_COOKIE: "true"
+      OVERLEAF_SITE_URL: "https://overleaf.neuro.uni-bremen.de"
+      OVERLEAF_NAV_TITLE: "FB1 Overleaf"
+
+      OVERLEAF_ADMIN_EMAIL: "overleaf@neuro.uni-bremen.de"
+      OVERLEAF_EMAIL_FROM_ADDRESS: "overleaf@neuro.uni-bremen.de"
+      OVERLEAF_EMAIL_SMTP_HOST: "overleafsmtpd"
+      OVERLEAF_EMAIL_SMTP_PORT: "25"
+      OVERLEAF_EMAIL_SMTP_SECURE: "false"
+      OVERLEAF_EMAIL_SMTP_LOGGER: "true"
+      OVERLEAF_CUSTOM_EMAIL_FOOTER: "This system is run by the ITP"
+    networks:
+      - overleaf-network
+
+volumes:
+  overleaf_data:
+  overleaf_tex2024:
+
+networks:
+  overleaf-network:
+    external: true
+

overleafsmtpd/compose.yaml

@@ -0,0 +1,29 @@
+# docker network create overleaf-network
+services:
+  overleafsmtpd:
+    image: wodby/opensmtpd
+    container_name: overleafsmtpd
+    hostname: overleafsmtpd
+    restart: always
+    volumes:
+      - /root/overleafsmtpd/smtpd_pre.conf:/etc/gotpl/smtpd.conf.tmpl
+      - overleaf_smtpd:/var/spool/smtpd
+      - /var/run/docker.sock:/var/run/docker.sock
+    ports:
+      - 25:25
+    environment:
+      RELAY_HOST: "XXX"
+      RELAY_PROTO: "smtps"
+      RELAY_PORT: "XXX"
+      RELAY_USER: ${MAIL_USERNAME}
+      RELAY_PASSWORD: ${MAIL_PASSWORD}
+
+    networks:
+      - overleaf-network
+
+volumes:
+  overleaf_smtpd:
+
+networks:
+  overleaf-network:
+    external: true

overleafsmtpd/smtpd_pre.conf

@@ -0,0 +1,15 @@
+listen on 0.0.0.0
+listen on ::
+
+table aliases file:/etc/smtpd/aliases
+
+queue ttl 4d
+bounce warn-interval 1h, 6h, 2d
+
+smtp max-message-size 35M
+
+table authinfo db:/etc/smtpd/authinfo.db
+action default relay host "smtps://user@mailhost.neurotec.uni-bremen.de:465" auth <authinfo> tls no-verify
+match from any for any action default
+
+